Printing, Personal Computing and Mobile BoardsHave Been Migrated to HP Support Forums

Open Menu

Printing, Personal Computing and Mobile BoardsHave Been Migrated to HP Support ForumsOpen Menu

We have completed the migration of all boards within the Printing and Digital Imaging, Desktops and Workstations, and Mobile categories to the HP Support Forums. Please see this post for full details on the migration, and how to get to your content.

From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Leaving work recently I saw something shiny in the bushes and quickly discovered that somebody had either lost or discarded a CD in there. My first thought, of course...wonder what's on it (iTunes ain't cheap). Ten years ago, I'm sure I would have found out. Luckily, I now work in the security industry, and know better (most of the time, anyway). Unfortunatly, a lot of people who should don't. I was reminded of the results from a penetration test the Department of Homeland Security conducted this past summer where they dropped thumb drives in the parking lots of various federal agencies. How many were plugged in? A not insubstantial 60%. When a corporate logo was included, that rate went up to a staggering 90%. Remember, these are federal employees who one would assume have somewhat regular cyber security training. If HP conducts it once a year, I have to think the government does something similar.

We've been talking a lot amongst ourselves about the RSA breach earlier this year and how it could have been prevented. There are a lot of products and services that HP offers that could have stopped the explotation in its tracks. Unfortunately, we don't yet offer one that can conquer curiousity. In this day and age, when one vulnerability is all it can take to comprimise a site, and when critical infrastructure and information suddenly are web-accessible when that was not the original design, stronger training mechanisms are needed to prevent social engineering attacks of this nature. Are we really that far off from seeing public service announcements about cyber security? Probably not. I think we're about to find out what the cyber equivalent of 'duck and cover' is.